Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

Snyk
Snykadded 2025/03/20 12:32 p.m.1 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the concatenateForRewrite method in JettyUtils when the management proxy is enabled - which it is in the default configuration. An attacker can manipulate the URL to redirect requests to an arbitrary...

5.8CVSS7.2AI score0.02273EPSS
Exploits0References4
Veracode
Veracodeadded 2017/05/18 3:3 a.m.31 views

Timing Attack

Jetty Utils is vulnerable to timing attacks. The library is vulnerable because it does not compare passwords, message digests and credentials in constant-time. This allows malicious users to use the timing of the request to progressively identify a valid passwords, message digests and credentials...

7.5CVSS8.3AI score0.0084EPSS
Exploits0References15Affected Software6
Rows per page
Query Builder